Secure Your Enterprise: Best Practices for SaaS Adoption

Cory Wheeler

At ProcureCon 2018, Zylo hosted a panel discussion of procurement and IT professionals. The panel covered topics surrounding software (Cloud and on-premise) management. In our ProcureCon Series, we’ll break down the hour-long discussion into three blogs. First up, secure your enterprise: best practices for SaaS adoption.

ProcureCon Series: Blog #1

What is the SaaS adoption strategy within your organization? What are your priorities when adopting SaaS?

Carla DiCastro, Workday

Senior Global Sourcing Manager

At Workday, Carla supports the CIO office. IT offices primarily purchase software; Carla acts as the link between finance and IT, ensuring software consistently provides value.

Before a standard process stood, Workday employees were encouraged to buy solutions as they saw fit, to uphold the primary priority of business agility. Now, priorities have shifted, best practices for SaaS adoption changed across Workday.

To ensure data privacy and security, Workday employees follow an established process when adopting new software solutions. Laddering back up to the CIO, all contracts go through Carla’s office.

As one could imagine, Carla’s team is not equipped to own all these relationships with vendors. Instead, she educated her leaders to respect a strict process: they know the questions to ask and the steps to take. Consequently, the process vets every vendor.

Josh Pickles, Salesforce

Senior Manager, Technology Sourcing, Global Strategic Sourcing & Supplier Management

Salesforce, a Cloud-native company, primarily buys Cloud-based software solutions. As a public company, top priorities are to maintain rigorous security standards and gain full visibility into the software subscriptions of acquired companies.

Similar to Workday, Salesforce operates under a standard intake process. In the past, freemium software proved a threat to that process: the barrier to entry is so low that permissions slip through the cracks.

Now, Salesforce allows only software purchases that Josh and his team formally vet. Unsurprisingly, at the time the restriction was announced, Josh’s inbox flooded with rejected expense transactions: the flood was inconvenient but provided a good conversation starter around buying software.

Much of Salesforce’s SaaS management success is a direct result of the best practices for SaaS adoption established with the CSO, CIO, and CFO at the table. Processes built with leadership buy-in across the organization help Salesforce stay agile, fiscally responsible, and secure.

Aleta Jeffress, City of Aurora


A state-owned entity, City of Aurora meets all public compliances. Serving over 20 lines of business, Aleta has struck a difficult balance, managing over 200 cloud and on-prem applications.

When beginning her role, Aleta took stock and created an inventory of all applications. By creating relationships and building a process, she brought procurement, IT, and legal together to build a master services agreement.

The master services agreement vets all new vendors. Although vendors are not usually a fan of this legal process, Aleta is now able to manage risk and drive value.

Overcoming employees’ preferences of write-your-own or on-prem software solutions as well as educating finance professionals about SaaS pricing structure are unexpected challenges.

Zylo Secures Your Enterprise

With nearly $2 billion of annual SaaS spend under management, Zylo changes the way software is purchased and managed.

Request a Demo

About the Author

Cory Wheeler

Cory Wheeler is the VP of Services and Customer Success at Zylo, where he helps tech-forward companies understand, manage and optimize their cloud-based infrastructure via the Zylo platform. Prior to Zylo, Cory spent 15 years in Finance and Procurement, managing categories and sourcing teams at Arthur Andersen, BearingPoint and both Takeda and Astellas Pharmaceuticals. Cory then built the Procurement organization at ExactTarget in 2012, and managed the integration of the new Marketing Cloud Procurement organization into Salesforce.com in 2015. He and his family reside in Indianapolis, IN, where they can be found cheering for the Purdue Boilermakers and Chicago Cubs.